Pb with RAS in case of subnetted class A

  • Thread starter Thread starter Nicolas Helleringer
  • Start date Start date
N

Nicolas Helleringer

Hi all,

KB 160699 article
(http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com
:80/support/kb/articles/q160/6/99.asp&NoWebContent=1) says that subnet mask
is set corresponding to the standard class type of the assigned IP.

This way, if you want to connect two subnetted class A (10.0.0.0/24 and
10.0.1.0/24 for ex), RAS cannot be used simply (i-e without doing hell-like
'routing-after-ras-as-connected scripting).

Why have RAS coders chosen not to be able to specify the subnet mask ?
This does not make sense.

N.B : This is true for NT 4 RAS client but windows 2000/XP/2003 does not
solve the issue as he correctly set as mask of 255.255.255.255 for the RAS
assigned IP but the subnet mask used by the route to the remote network it
adds, in case of 'do not use RAS network as default gateway', is 'chosen'
the same way.

Why shall the RAS client choose alone what class/width the network he
connects to has ?
Why ??

Niko
 
In fact, the situation with W2k/XP is very similar to W9x and NT. KB
254231 sets out the differences. You really need to look at the routing
table to see what is happening, not just ipconfig.

Are you sure this is your problem? With the standard setup, ALL traffic
goes over the dialup link, because a default route is set to use the
connection. Even if you disable the "use default router .. " option, a
subnet route of 10.0.0.0 255.0.0.0 is created, so all 10.x.x.x traffic
will go to the server. You will only need to add extra routing for subnets
like 192.168 or 172.16 , and only if you have disabled the default router
option.
 
In fact, the situation with W2k/XP is very similar to W9x and NT. KB
254231 sets out the differences. You really need to look at the routing
table to see what is happening, not just ipconfig.
Click to expand...
I have.
Are you sure this is your problem?
Click to expand...
Hum, yes. :)
With the standard setup, ALL traffic
goes over the dialup link, because a default route is set to use the
connection.
Click to expand...
As I do not want ALL traffic to go through the VPN I cannot use the 'with
default gateway mode'.
I try to connect to remote networks so the RAS establisher router as all
ready a lot of routes and a default gateway of its own which cannot be
changed.
Even if you disable the "use default router .. " option, a
subnet route of 10.0.0.0 255.0.0.0 is created, so all 10.x.x.x traffic
will go to the server.
Click to expand...
Ok, I'll explain again : the remote network is 10.0.0.0/24 (class A
subnetted as a class C) and want to connect to 10.0.1.0/24 (idem).
So with the route 10.0.0.0 255.0.0.0 set by the ras the connecting router
from the 10.0.0.0/24 network cannot reach its local network after RAS is up
.... as all traffic to 10.0.0.0/8 is sent through the RAS connection ...
feature not wanted and not tuneable.
You will only need to add extra routing for subnets
like 192.168 or 172.16 , and only if you have disabled the default router
option.
Click to expand...
Nothing to do with my problem.

Niko
 
Well you do not have to use "on-subnet" addresses. You can set your
RRAS server to allocate the remotes IP addresses in a completely different
subnet (say 192.168.1.0/24) . Then the remote client will only send traffic
for 192.168.1.x through the tunnel (after you clear the "use default router
... " box), and the server's "virtual" IP will be 192.168.1.n. You can route
between the 192.168.1.0 subnet and the LAN subnet by enabling IP routing on
the RRAS server.

The "on-subnet" setup is just a quick and easy solution to get a
connection going without having to worry about IP routing. The traffic is
just proxied on to the LAN. If you know how IP routing works, it is better
to use a routed connection.
 
Well you do not have to use "on-subnet" addresses. You can set your
RRAS server to allocate the remotes IP addresses in a completely different
subnet (say 192.168.1.0/24) . Then the remote client will only send traffic
for 192.168.1.x through the tunnel (after you clear the "use default router
.. " box), and the server's "virtual" IP will be 192.168.1.n. You can route
between the 192.168.1.0 subnet and the LAN subnet by enabling IP routing on
the RRAS server.
Click to expand...
Would have been so simple if in MS RAS Client, they give you the CHOICE of
configuring the subnet mask.
I just do not like hidden options or non-configureable faetures.
The "on-subnet" setup is just a quick and easy solution to get a
connection going without having to worry about IP routing. The traffic is
just proxied on to the LAN. If you know how IP routing works, it is better
to use a routed connection.
Click to expand...
Having stables routes with RAS is still quite difficult ...

Niko
 
Back
Top